cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <>
Subject [jira] [Commented] (CXF-6338) Reversed logic in AbstractJwtHandler#validateSignature
Date Thu, 09 Apr 2015 00:24:12 GMT


ASF GitHub Bot commented on CXF-6338:

GitHub user jsamarziya opened a pull request:

    [CXF-6338] Fixed logic in AbstractJwtHandler#validateSignature

    Corrected the conditional expression in signature validation method.

You can merge this pull request into a Git repository by running:

    $ git pull master

Alternatively you can review and apply these changes as the patch at:

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #62
commit effebb6585eb90fba62d1e8d5759890a7bd9fd7c
Author: Jeffrey Samarziya <>
Date:   2015-04-09T00:13:51Z

    Reversed the logic in validateSignature()

commit ce30725690eef7fa32e9039d051754016d142dc3
Author: Jeffrey Samarziya <>
Date:   2015-04-09T00:19:09Z

    Merge remote-tracking branch 'upstream/master'


> Reversed logic in AbstractJwtHandler#validateSignature
> ------------------------------------------------------
>                 Key: CXF-6338
>                 URL:
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-RS Security
>    Affects Versions: 3.0.4
>            Reporter: Jeffrey Samarziya
>            Priority: Minor
> The logic in the {{validateSignature}} method in {{}}
is reversed - the method throws an OAuthServiceException when the signature is valid and doesn't
throw an exception when the signature is not valid.

This message was sent by Atlassian JIRA

View raw message